Export limit exceeded: 361712 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (361712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5568 1 Datawizard 1 Ftpxq 2026-04-23 N/A
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command.
CVE-2006-6957 1 Docebo 1 Docebo 2026-04-23 N/A
PHP remote file inclusion vulnerability in addons/mod_media/body.php in Docebo 3.0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[where_framework] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. This issue is similar to CVE-2006-2576 and CVE-2006-3107, but the vectors are different.
CVE-2007-2357 1 Sinecms 1 Sinecms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mods/Core/result.php in SineCms 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the stringa parameter.
CVE-2006-5583 1 Microsoft 1 Windows 2003 Server 2026-04-23 N/A
Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability."
CVE-2006-5584 1 Microsoft 1 Windows 2000 2026-04-23 N/A
The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS.
CVE-2006-5585 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-23 N/A
The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."
CVE-2006-6961 1 Webroot Software 1 Spy Sweeper 2026-04-23 N/A
WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name.
CVE-2006-5586 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-23 N/A
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."
CVE-2007-4502 1 Joomla 1 Bibtex 2026-04-23 N/A
SQL injection vulnerability in index.php in the BibTeX component (com_jombib) 1.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the afilter parameter.
CVE-2007-2371 1 Gregory Kokanosky 1 Phpmynewsletter 2026-04-23 N/A
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.
CVE-2006-5611 1 Toshiba 1 Bluetooth Stack 2026-04-23 N/A
Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related to CVE-2006-5405.
CVE-2007-2373 1 Wf-links 1 Wf-links 2026-04-23 N/A
SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1.03 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2006-5615 1 Textpattern 1 Textpattern 2026-04-23 N/A
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
CVE-2006-5616 2 Openpbs, Suse 2 Openpbs, Suse Linux 2026-04-23 N/A
Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors.
CVE-2006-5621 1 Ask Rave 1 Ask Rave 2026-04-23 N/A
PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR, and other versions before 0.9b, allows remote attackers to execute arbitrary PHP code via a URL in the footfile parameter.
CVE-2006-5559 1 Microsoft 4 Data Access Components, Windows 2000, Windows 2003 Server and 1 more 2026-04-23 N/A
The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.
CVE-2007-2349 1 Invision Power Services 1 Invision Power Board 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote attackers to inject arbitrary web script or HTML by uploading crafted images or PDF files.
CVE-2006-5556 1 Hp 1 Hp-ux 2026-04-23 N/A
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
CVE-2006-6342 1 Klf-design 1 Klf-realty 2026-04-23 N/A
Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) agent parameters in (a) search_listing.asp, and the (3) property_id parameter in (b) detail.asp.
CVE-2006-5551 1 Qksoft 1 Qk Smtp 2026-04-23 N/A
Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.